Vercel

2026-05-03
The OAuth Pivot: How SaaS-to-SaaS Trust Became the 2026 Supply Chain Attack
Salesloft Drift industrialized it. UNC6040 weaponized vishing into it. Vercel and Context.ai proved it pivots through Google Workspace. The pattern is the same: a third-party SaaS gets popped, the attacker inherits its OAuth grants, and your password reset does absolutely nothing.
oauth saas-supply-chain salesforce google-workspace unc6040 shinyhunters vercel salesloft drift connected-app refresh-token opinion
supply-chain 2026-04-20
Vercel Breach: Context.ai OAuth Pivot Exposes Customer Environment Variables
A Lumma Stealer infection at Context.ai gave attackers an OAuth path into a Vercel employee's Google Workspace, then into customer environment variables. ShinyHunters is now selling the data for $2M.
supply-chain oauth vercel context-ai shinyhunters saas google-workspace

The OAuth Pivot: How SaaS-to-SaaS Trust Became the 2026 Supply Chain Attack